Last week, the Illinois House of Representatives joined the Illinois Senate in passing amendments to the state’s Biometric Information Privacy Act (“BIPA”) to limit the scope of possible damages for violations of BIPA. As covered extensively here on PW, last year in Cothron v. White Castle, the Illinois Supreme Court held that an individual person accrues a separate statutory claim each time a defendant collects or discloses the individual’s biometric information in violation of BIPA. While the dissent in Cothron accurately observed that the combination of statutory damages and “per-scan” accrual meant that businesses could face “punitive, crippling liability . . . wildly exceeding any remotely reasonable estimate of harm,” the Cothron majority determined that “concerns about potentially excessive damage awards under the Act are best addressed by the legislature.”
Taking up the invitation, the Illinois General Assembly’s bill, S.B. 2979, amends BIPA to overrule Cothron by limiting an individual to at most one recovery for the improper collection of the same biometric information, or disclosure of the same biometric information to the same recipient. This change would decrease the maximum liability faced by business with frequent collection or disclosure of biometric information from individuals.
As of publication, the bill is on the desk of the Illinois Governor. PW will be following the BIPA litigation landscape to see how it changes in response to this bill.